Skip to content

Commit 92be743

Browse files
authored
Merge pull request #14 from NETWAYS/health-auth
Change healthz endpoint to not require auth
2 parents cf69c9b + 54230ce commit 92be743

2 files changed

Lines changed: 9 additions & 10 deletions

File tree

internal/api/listener.go

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -53,9 +53,9 @@ func NewListener(config *config.Config, logger *slog.Logger, icingaClient *icing
5353
mux := http.NewServeMux()
5454
// Register all handler functions here to have a central overview of the API
5555
mux.HandleFunc("GET /healthz", l.handleHealthy)
56-
mux.HandleFunc("POST /webhook", l.handleIncomingAlert)
56+
mux.HandleFunc("POST /webhook", authHandler(l.handleIncomingAlert, config.BearerToken))
5757

58-
l.mux = authHandler(mux, config.BearerToken)
58+
l.mux = mux
5959

6060
return l
6161
}
@@ -115,25 +115,25 @@ func (l *Listener) Run(ctx context.Context) error {
115115

116116
// authHandler is a Middleware for handling authorization.
117117
// We currently only need Bearer token authorization, since we don't have complex actions in the API.
118-
func authHandler(next http.Handler, expectedToken string) http.Handler {
118+
func authHandler(f func(http.ResponseWriter, *http.Request), expectedToken string) http.HandlerFunc {
119119
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
120120
// Get the Authorization Header from the request
121121
authHeader := r.Header.Get("Authorization")
122122

123123
scheme, receivedToken, found := strings.Cut(authHeader, " ")
124124

125125
if !found || !strings.EqualFold(scheme, "Bearer") || receivedToken == "" {
126-
http.Error(w, "malformed authorization header", http.StatusUnauthorized)
126+
http.Error(w, "unauthorized. missing or malformed authorization header", http.StatusUnauthorized)
127127
return
128128
}
129129

130130
if receivedToken != expectedToken {
131-
http.Error(w, "invalid token", http.StatusUnauthorized)
131+
http.Error(w, "unauthorized. invalid token", http.StatusUnauthorized)
132132
return
133133
}
134134

135135
// Pass down the request to the next middleware or handler
136-
next.ServeHTTP(w, r)
136+
f(w, r)
137137
})
138138
}
139139

internal/api/listener_test.go

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -41,8 +41,8 @@ func TestAuthHandler_WithOK(t *testing.T) {
4141
w.WriteHeader(http.StatusOK)
4242
}
4343

44-
var handler http.Handler = http.HandlerFunc(h)
45-
handler = authHandler(handler, "foobar123")
44+
var handler http.Handler = authHandler(http.HandlerFunc(h), "foobar123")
45+
4646
w := httptest.NewRecorder()
4747

4848
reqNoType, _ := http.NewRequestWithContext(context.Background(), "GET", "/", nil)
@@ -69,8 +69,7 @@ func TestAuthHandler_WithFail(t *testing.T) {
6969
w.WriteHeader(http.StatusOK)
7070
}
7171

72-
var handler http.Handler = http.HandlerFunc(h)
73-
handler = authHandler(handler, "foobar123")
72+
var handler http.Handler = authHandler(http.HandlerFunc(h), "foobar123")
7473
w := httptest.NewRecorder()
7574

7675
req, _ := http.NewRequestWithContext(context.Background(), "GET", "/", nil)

0 commit comments

Comments
 (0)